Default listing has become increasingly complex under the Amended Privacy Act and Australia now has probably the world’s most complicated requirements for default listing including among many other things:
– requirements for multiple notifications;
– requirements for time periods between notices and from notices to listing events; and
– complexity regarding what information can be listed. “Credit Repair” is a new “industry” that is largely centred around default listing, in particular seeking to remove defaults from an individual’s credit file. Their practices are increasingly causing credit providers concerns, and this is likely to only get worse.

Relevant Definitions Part IIIA of the Privacy Act is heavily reliant on a set of complicated definitions to construct various constraints and permissions with regard to the use of personal information. They are used like building blocks.

Three definitions are key in terms of default listings (known as Default Information); Credit Information, Consumer Credit and Default Information.  
- Credit Information – defines and limits the inputs to  an individual’s credit report. Under Section 6N (f) default Information is listed as one of things that  can be included.
- Consumer Credit – is defined as credit:
a. for which an application has been made by an individual to a credit provider, or that has been provided to an individual by a credit provider, in the course of the provider carrying on a business or undertaking as a credit provider; and
b. that is intended to be used wholly or primarily:
i. for personal, family or household purposes; or
ii. to acquire, maintain, renovate or improve residential property for investment purposes; or
iii. to refinance consumer credit that has been provided wholly or primarily to acquire, maintain, renovate or improve residential property for investment purposes. 
- Default Information – is limited to Consumer Credit and in relation to guarantees, only guarantees of Consumer Credit.

If the credit is ‘consumer credit’ are you  allowed to list Default Information?

Yes, subject to further requirements but as this article focuses on commercial credit, I won’t go into that detail here.

If the credit you grant is ‘commercial credit’ (defined as NOT consumer credit) are you allowed to list a commercial default?

Yes, but as it is not within the definition of default information relative to Part IIIA, the rules in that section  of the Act regarding ‘default information’ do not apply.

If the information about the individual relates to commercial credit (such as someone who gave a personal guarantee), then only the more general rule about personal information under the APPs would apply.

So – the 2 KEY QUESTIONS are:
1. What sort of credit is involved – CONSUMER OR COMMERCIAL? and
2. Are you seeking to list the default against a business  or a person?

Assuming that the credit is COMMERCIAL CREDIT:  
- If you list against a business the Privacy Act does not apply, because a business is not a person so information about a business is not personal information.  
- If you list against a person (such as someone who has given a ‘personal guarantee’), this information is personal information and the APPs would apply. The APPs are far less prescriptive and it would seem that so long as you notify the individual that their personal details could be used to list a default in relation to the COMMERCIAL credit you extended, then that would seem to meet your obligations.

Note – there are also APP provisions about ensuring that information is kept up to date and if the debt has been subsequently paid, then that should be reflected in a timely manner, something that requires effective tracking to achieve.

The Credit Reporting Bodies will likely have procedures and requirements in relation to both listing and updating COMMERCIAL defaults, whether they are listed against a business or an individual. It is important that you get a copy of these and follow them exactly and if you are not clear, ask your supplier to explain.

Credit Repair

One of the tactics used in ‘Credit Repair’ is to accuse you of breaching sections of the Privacy Act (including Part IIIA and/or the Credit Reporting Code of Conduct) and to threaten to take the matter to an Ombudsman Service if you don’t remove the default.

Based on the above, if they are referring to Part IIIA, and the credit involved is COMMERCIAL, you need to ensure your listing was placed on the correct file – the individual’s COMMERCIAL file and not their CONSUMER file.

If the listing was placed on the wrong file, you will need to work with the Credit Reporting Business or multiple businesses that you reported the data to, and have the listing rectified.

If the listing is on the correct file (or you had it on the wrong file but have now listed it properly on the commercial file), it is my understanding, as confirmed by a Financial Ombudsman Service “FOS” representative, the listing must comply with the more general APP requirements and what is generally ‘fair’.

What could that require?

If you can show that you have given notice, have listed the correct type of default (being NOT a consumer default) and have followed updating procedures, it may be that FOS would uphold your listing and deny the request by the Credit Repairer to have it removed.

Further, FOS has very recently issued a statement about the actions of credit repairers as it seems they think that some credit repair companies attempt to ‘abuse’ the system and bully you into removing a default listing. When this is determined, FOS will not charge their member for the case. You can find more detail here: http://www.

This briefing was prepared by Michael Hartman, one of the Principal Consultants at Inflexion Point Consulting.

You can contact Michael at  or Debra at

Download full article